Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

FS#2770 - prevent <file> and <code> syntax regex matching too much #241

Merged
merged 20 commits into from Aug 1, 2013

Conversation

Chris--S
Copy link
Collaborator

Both <file> and <code> parser regex will match tokens which start '<file' or '<code'. The patch adds a word boundary into the regex to prevent overmatching.

[ Before merging, might be an idea to add unit tests for both and syntax modes ]

@splitbrain
Copy link
Collaborator

👍 for unit tests

bug and others added 19 commits July 31, 2013 11:38
This replaces the deprecated and broken Blowfish implementation that has
previously been used and should provide a lot more security.
Added an explanation that what we do is like normal CBC but that we
additionally encrypt the IV which is actually suggested by the NIST for
non-random (but unique) IVs. In the decryption process it's not
necessary to decrypt the IV, this should save some time.
This adds a new parameter to ft_backlinks() to ignore permissions which
is needed for invalidating the cache of linking pages with useheading
enabled. This also adds various test cases for ft_backlinks().
The refshow configuration option wasn't used as described anymore
already in the latest release and after the introduction of the media
usage index the parameter is also no longer relevant for internal
optimization. The only place where it was still used is the no longer
used search_references()-function which is removed here, too.
…rofile form.

The current message confusingly mentions bad 'username' when username is not involved.  The
new message is the same as that introduced for an incorrect current password on the self
delete profile form (FS#2751)
code - test correct recognition of downloadable filename token
file - test correct recognition of syntax name & downloadable filename tokens
Chris--S added a commit that referenced this pull request Aug 1, 2013
FS#2770 - prevent <file> and <code> syntax regex matching too much
@Chris--S Chris--S merged commit 449bad3 into master Aug 1, 2013
splitbrain added a commit that referenced this pull request Apr 9, 2020
When looking at a page's old revsion (or diff) a now assigned schema may
not have existed at the the time of the given revision. This caused a
fatal error. Now such exceptions are ignored.
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

None yet

5 participants